This week's book giveaway is in the HTML Pages with CSS and JavaScript forum.
We're giving away four copies of Testing JavaScript Applications and have Lucas da Costa on-line!
See this thread for details.
Win a copy of Testing JavaScript Applications this week in the HTML Pages with CSS and JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Liutauras Vilda
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • fred rosenberger
  • salvin francis
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Carey Brown

'signing' and 'grant'

 
Ranch Hand
Posts: 2107
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I have revised the java.policy and put:

grant {
permission java.security.AllPermission;
};

Now, I am adding the 'signing' of the jar.

Has signing an applet/jar got anything to do with the 'grant' access? Or are they 2 totally independent factors?

 
Rancher
Posts: 43016
76
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
They both accomplish the same thing, more or less. If you have the AllPermission in place, then signing the applet shouldn't be necessary.
 
Jesus Angeles
Ranch Hand
Posts: 2107
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks.

Is it possible to specify 'grants' (give grants) together with the signing of the jar?

As of now, I removed the

grant {
permission java.security.AllPermission;
};

and add specific grants (e.g. io read on 'c:/tmp/*').

 
Ulf Dittmer
Rancher
Posts: 43016
76
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Signing the jar file also grants all permissions, so adding further permissions in the policy file would have no effect.
 
Jesus Angeles
Ranch Hand
Posts: 2107
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Ulf Dittmer wrote:Signing the jar file also grants all permissions, so adding further permissions in the policy file would have no effect.



Thank you for the reply.

When I deployed the signed version of the jar (using self-signed certificate), I did get a pop up asking me if I want to allow the applet to run, and trust the publisher.

However, there was no change in the permitted actions of the applet.

The applet still doesnt have permission to do stuff, like io reads.

That is why I added those 'grants' in the java.policy.

I wonder if there is something wrong with regards to my signing, or the certificate. Is what you mentioned true also on 'self-signed' certificates?
 
Ulf Dittmer
Rancher
Posts: 43016
76
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That's odd. As far as the applet is concerned, all certificates are equal, so if the user accepts it then all permissions are granted to the applet.
 
brevity is the soul of wit - shakepeare. Tiny ad:
Thread Boost feature
https://coderanch.com/t/674455/Thread-Boost-feature
    Bookmark Topic Watch Topic
  • New Topic